$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/S2uxhR1aacGsduU8AWjqJOer-9I.roa File: S2uxhR1aacGsduU8AWjqJOer-9I.roa (raw, json) Hash identifier: egNX03Qc4tngusJT+hrhzTjKH6TaTB4Y70Iq7IUEhvQ= Subject key identifier: 4B:6B:B1:85:1D:5A:69:C1:AC:76:E5:3C:01:68:EA:24:E7:AB:FB:D2 Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509 Certificate serial: 1733 Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09 Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/S2uxhR1aacGsduU8AWjqJOer-9I.roa Signing time: Wed 12 Feb 2025 01:36:29 +0000 ROA not before: Wed 12 Feb 2025 01:36:29 +0000 ROA not after: Tue 26 Aug 2025 01:57:03 +0000 asID: 3462 IP address blocks: 202.39.0.0/18 maxlen: 24 Validation: OK Signature path: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.mft rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.crl rsync://rpkica.twnic.tw/rpki/TWNICCA/ojp8Y1RxGKrkl_A-ExIclqs0VH4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ojp8Y1RxGKrkl_A-ExIclqs0VH4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Apr 2025 02:06:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5939 (0x1733) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509 Validity Not Before: Feb 12 01:36:29 2025 GMT Not After : Aug 26 01:57:03 2025 GMT Subject: CN=4B6BB1851D5A69C1AC76E53C0168EA24E7ABFBD2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:37:0c:e2:86:ef:bc:72:ab:53:f9:47:20:6f: 8f:c1:08:6c:30:59:8c:bf:75:6d:ae:65:ab:d4:a2: 12:26:41:25:ef:bb:d2:86:bf:e1:76:65:17:16:dc: 85:3d:5b:24:fd:18:60:e7:57:ae:f8:ea:1d:d7:6b: af:10:f0:90:5d:80:09:89:d9:3b:8d:7b:24:81:71: da:87:7d:ea:d2:56:3a:31:54:93:7c:54:f7:3c:57: 27:05:29:95:57:44:98:e2:23:27:ab:d2:e6:13:c4: 49:58:1b:92:45:81:86:cf:55:eb:93:1d:b2:e7:04: 94:60:96:9a:43:11:55:1f:b5:eb:73:91:0d:d2:e1: ec:5a:6e:1e:3b:da:4e:e2:9a:94:f4:1a:8c:b2:95: c7:cf:da:e7:cd:a6:e8:b0:55:ba:16:55:10:45:33: e9:dc:c7:0d:ce:15:17:68:32:42:ca:f1:f5:ca:16: e5:16:a7:b8:d5:96:09:57:7b:a9:46:21:69:bf:8a: 40:0b:70:d6:87:09:e2:81:7b:45:3b:e1:5c:0e:d0: 95:b9:02:f9:a8:db:0e:0b:ec:0c:e8:8f:5d:05:fb: 80:03:8f:83:cc:d4:9c:14:d8:63:eb:f9:50:26:66: 63:e8:c6:55:13:02:cf:37:f2:74:8c:f9:ae:38:51: ff:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4B:6B:B1:85:1D:5A:69:C1:AC:76:E5:3C:01:68:EA:24:E7:AB:FB:D2 X509v3 Authority Key Identifier: keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl Authority Information Access: CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/S2uxhR1aacGsduU8AWjqJOer-9I.roa RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 202.39.0.0/18 Signature Algorithm: sha256WithRSAEncryption b2:e6:36:a4:a0:ab:56:44:3e:ab:a7:92:64:1a:b2:c9:84:e2: cc:70:f7:fb:14:23:a5:f6:d8:9d:62:08:35:d1:5e:51:00:f5: da:4f:9c:f3:6f:8c:53:d5:12:4c:45:cc:25:2f:d6:4f:be:08: 9a:43:e1:de:45:7f:8b:d0:e2:21:04:a5:d1:e5:8a:cb:5e:68: 29:f7:58:40:a3:65:af:06:a4:d8:93:61:64:b5:86:e1:22:6c: 4b:fa:23:62:87:1d:4b:4d:96:e4:df:b6:b5:64:29:7f:8a:3e: a5:7d:48:42:93:e1:a9:81:82:d4:04:1e:d3:08:5d:bc:39:db: b1:fe:68:15:48:0a:24:51:90:44:26:b7:fc:bc:58:d7:c4:1a: d8:c4:77:50:61:a3:d0:48:a2:7d:4d:0e:41:6b:64:b1:f5:04: 77:0b:23:fb:2f:34:14:a7:1f:b1:55:0d:8e:4d:85:96:23:df: 6e:85:73:67:bf:12:81:66:d9:82:78:0c:42:11:c9:9d:6a:84: d0:59:ff:b1:f4:09:de:ce:4c:fb:7d:9e:22:f8:b6:cf:dc:fc: e4:e2:32:b1:7d:e8:ea:5e:9e:9a:2d:0e:25:5b:12:e4:a6:e8: a7:6b:89:59:18:a8:ce:39:30:bd:9e:79:33:af:42:e0:df:c9: e2:fb:99:67 -----BEGIN CERTIFICATE----- MIIE0DCCA7igAwIBAgICFzMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5 RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yNTAyMTIw MTM2MjlaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDRCNkJCMTg1MUQ1QTY5 QzFBQzc2RTUzQzAxNjhFQTI0RTdBQkZCRDIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCYNwzihu+8cqtT+Ucgb4/BCGwwWYy/dW2uZavUohImQSXvu9KG v+F2ZRcW3IU9WyT9GGDnV6746h3Xa68Q8JBdgAmJ2TuNeySBcdqHferSVjoxVJN8 VPc8VycFKZVXRJjiIyer0uYTxElYG5JFgYbPVeuTHbLnBJRglppDEVUftetzkQ3S 4exabh472k7impT0GoyylcfP2ufNpuiwVboWVRBFM+ncxw3OFRdoMkLK8fXKFuUW p7jVlglXe6lGIWm/ikALcNaHCeKBe0U74VwO0JW5Avmo2w4L7Azoj10F+4ADj4PM 1JwU2GPr+VAmZmPoxlUTAs838nSM+a44Uf8vAgMBAAGjggHsMIIB6DAdBgNVHQ4E FgQUS2uxhR1aacGsduU8AWjqJOer+9IwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv 5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9TMnV4aFIxYWFjR3NkdVU4QVdq cUpPZXItOUkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQGyicA MA0GCSqGSIb3DQEBCwUAA4IBAQCy5jakoKtWRD6rp5JkGrLJhOLMcPf7FCOl9tid Ygg10V5RAPXaT5zzb4xT1RJMRcwlL9ZPvgiaQ+HeRX+L0OIhBKXR5YrLXmgp91hA o2WvBqTYk2FktYbhImxL+iNihx1LTZbk37a1ZCl/ij6lfUhCk+GpgYLUBB7TCF28 Odux/mgVSAokUZBEJrf8vFjXxBrYxHdQYaPQSKJ9TQ5Ba2Sx9QR3CyP7LzQUpx+x VQ2OTYWWI99uhXNnvxKBZtmCeAxCEcmdaoTQWf+x9Anezkz7fZ4i+LbP3Pzk4jKx fejqXp6aLQ4lWxLkpuina4lZGKjOOTC9nnkzr0Lg38ni+5ln -----END CERTIFICATE-----Generated at Mon Apr 7 02:00:20 2025 by rpki-client